Privacy Policy
Effective Date: June 2026
1. The "Local-First" Promise
Lumist is designed with an absolute, uncompromising commitment to privacy. We do not collect, transmit, store, or sell your personal information. In fact, we couldn't even if we wanted to.
2. Where your data lives
All of the data you enter into Lumist—including task names, client names, hourly rates, and time logs—is stored exclusively on your personal device using your browser's native IndexedDB storage sandbox.
No data is ever sent to a cloud server, database, or third-party API. Your workspace belongs to you and only you.
3. Cookies and Tracking
Lumist does not use tracking cookies, analytics pixels, or cross-site trackers. We respect browser environments like LibreWolf, Brave, and Tor. Any user preferences (such as your preferred currency or timezone) are saved locally on your device.
4. Data Deletion & Management
Because we do not have a server, we cannot delete your data for you. You have total control over your data lifecycle. To completely erase your Lumist data, simply clear your browser's cache/site data for lumist.app.
We highly recommend utilizing the "Data Portability" section in the Lumist Reports dashboard to regularly back up your data to a .json or .csv file before clearing your browser history.
5. Changes to this Policy
If we ever transition away from a strictly local-first architecture (e.g., to offer optional cloud syncing), this policy will be updated, and any cloud features will be strictly opt-in.